package com.yumeng.framework.auth.security.authentication.captcha;

import com.yumeng.common.cache.SimpleCacheAdapter;
import com.yumeng.common.helper.AssertHelper;
import com.yumeng.framework.auth.exception.NormalAuthException;
import com.yumeng.framework.auth.exception.SecurityAuthException;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpMethod;
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.filter.GenericFilterBean;

import java.io.IOException;

/**
 * 验证码过滤器
 * 场景：1、普通用户名密码登录 2、手机获取验证码登录等等
 * @author wxd
 * @date 2025/3/4 15:38
 */
public class CaptchaVerifyFilter extends GenericFilterBean {

    // 请求匹配器
    private RequestMatcher requiresRequestMatcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.POST, "/login");
    // 用户输入的验证码
    private String captchaParameter = "captcha";
    // 验证码ID
    private String captchaIdParameter = "captchaId";
    // 认证失败处理器
    //private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler();

    public CaptchaVerifyFilter() {
    }

    /**
     * 进入用户名密码认证之前，对验证码进行校验
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        if (requiresRequestMatcher.matches((HttpServletRequest) request)) {
/*            try {

            } catch (AuthenticationException e) {
                failureHandler.onAuthenticationFailure((HttpServletRequest) request, (HttpServletResponse) response, e);
            }*/
            String captcha = request.getParameter(captchaParameter);
            String captchaId = request.getParameter(captchaIdParameter);
            if (StringUtils.isBlank(captcha) || StringUtils.isBlank(captchaId)) {
                throw new SecurityAuthException("验证码参数为空");
            }
            // 未查询到ID对应的验证码
            String cacheCaptcha = SimpleCacheAdapter.getCaptcha(captchaId);
            if (StringUtils.isBlank(cacheCaptcha)) {
                throw new SecurityAuthException("验证码已过期");
            }
            // 校验验证码是否输入正确
            if (!cacheCaptcha.equals(captcha)) {
                throw new SecurityAuthException("验证码输入错误");
            }
            SimpleCacheAdapter.removeCaptcha(captchaId);
            filterChain.doFilter(request, response);
        } else {
            filterChain.doFilter(request, response);
        }
    }

    public String getCaptchaParameter() {
        return captchaParameter;
    }

    public void setCaptchaParameter(String captchaParameter) {
        AssertHelper.assertNotBlank(captchaParameter, "captchaParameter must not be empty or null");
        this.captchaParameter = captchaParameter;
    }

    public String getCaptchaIdParameter() {
        return captchaIdParameter;
    }

    public void setCaptchaIdParameter(String captchaIdParameter) {
        AssertHelper.assertNotBlank(captchaIdParameter, "captchaIdParameter must not be empty or null");
        this.captchaIdParameter = captchaIdParameter;
    }

/*    public AuthenticationFailureHandler getFailureHandler() {
        return failureHandler;
    }

    public void setFailureHandler(AuthenticationFailureHandler failureHandler) {
        AssertHelper.assertNotNull(failureHandler, "failureHandler must not be empty or null");
        this.failureHandler = failureHandler;
    }*/

    public void setRequiresRequestMatcher(RequestMatcher requiresRequestMatcher) {
        this.requiresRequestMatcher = requiresRequestMatcher;
    }
}
